GitHub comments abused to push malware via Microsoft repo URLs
https://www.bleepingcomputer.com/news/security/github-comments-abused-to-push-malware-via-microsoft-repo-urls/

A collection of all my personal cheat sheets and guides as I progress through my career in offensive security.
Red team RTO 1(Cobalt strike)

Red Team Operations (RTO) II

share some useful archives about vm and qemu escape exploit.
https://github.com/WinMin/awesome-vm-exploit

A collection of links related to VMware escape exploits by year
https://github.com/xairy/vmware-exploitation

awesome-cyber-security-university

🎓 Because Education should be free. Contributions welcome! 🕵️

https://brootware.github.io/awesome-cyber-security-university/

hasherezade 1001 nights(how Start?)
https://hshrzd.wordpress.com/how-to-start/

Many people approach me asking more or less the same questions: how to start RE, how to become a malware analyst, how did I start, what materials I can recommend, etc. So, in this section I will collect some hints and useful links for the beginners.

Iczelion's tutorial Series
Win32 Assembly and VxD Tutorials
https://web.archive.org/web/20171110201344/http://win32assembly.programminghorizon.com/tutorials.html

AI-powered search engine with a generative UI.
http://www.morphic.sh

#ai

Series of VMProtect 2 analysis:
🛡VMProtect 2 - Detailed Analysis of the Virtual Machine Architecture

🎩GitHub


🛡VMProtect 2 - Part Two, Complete Static Analysis

#vmprotect #vmp

How To Unpack VMProtect 3 (X64) Night Sky Ransomware (Patreon)
Link

#vmprotect #vmp

Рансомварщики HelloKitty опубликовали пароли к архивам с исходниками игр Ведьмак 3 (включая next-gen версию), Гвинт, и Thronebreaker: The Witcher Tales.

Magnet: magnet:?xt=urn:btih:44134e7ade0f85e0ee940c33a7bfed5204587b93&dn=funnytorrent&tr=udp://tracker.openbittorrent.com:80&tr=udp://tracker.opentrackr.org:1337/announce

w3: oJX&S5678536Y8as%23
gwent: GyrS^&4A89x,
w3rtx: NIh\\*AS^8x0Xppw
thronebreaker: AN87*-2047UIOSh78^X

Someone used AI to make Lockbit ransomware groups statement regarding the FBI takedown ... into an anime-like EDM ..


https://news.1rj.ru/str/vxunderground/3996

pestudio pro 9.57

🔴 اسلاید های کنفرانس Black Hat Asia 2024 که 16 تا 19 آوریل/28 تا 31 فروردین در سنگاپور برگزار شد ، در دسترسه که میتونید از گیتهابمون بصورت تکی یا یکجا (Releases) دانلود کنید.

#Conference #BHASIA #blackhat

🆔 @onhex_ir
➡️ ALL Link

（APT-Q-31） A memory loader Cobalt Strike written by Rust

English :
https://www-ctfiot-com.translate.goog/175132.html?_x_tr_sl=fa&_x_tr_tl=en&_x_tr_hl=en&_x_tr_pto=wapp


Tutorial [Cobalt Strike Shellcode Loader With Rust] :

https://www.youtube.com/watch?v=XfUTpwZKCDU


A COFF loader made in Rust :

https://github.com/hakaioffsec/coffee

Windows Phantom DLL Hijacking: New Contribution to Hijack Execution Flow – DLL Search Order Hijacking
https://interpressecurity.com/resources/windows-phantom-dll-hijacking/


DPRK Exploits 2 MITRE Sub-Techniques: Phantom DLL Hijacking, TCC Abuse


#dll_hijacking

#exploit
"One Flip is All It Takes:
Identifying Syscall-Guard Variables for Data-Only Attacks", 2024.
]-> https://github.com/psu-security-universe/viper
]-> https://github.com/PSU-Security-Universe/data-only-attacks

Project that generates Malicious Office Macro Enabled Dropper for DLL SideLoading and Embed it in Lnk file to bypass MOTW
[ GITHUB ]

#DLL_SideLoading
#Dropper #Lnk

Refresh AD Groups Membership without Reboot/Logoff

Purge the computer account kerberos tickets with:

klist -lh 0 -li 0x3e7 purge

Reload User Groups Membership without Logging Off with:
klist purge

[Twitter]

#AD